System Security Specialist, C&IT

Wayne State University is searching for an experienced System Security Specialist, C&IT at its Detroit campus location.

Wayne State is a premier, public, urban research university located in the heart of Detroit, Michigan where students from all backgrounds are offered a rich, high-quality education. Our deep-rooted commitment to excellence, collaboration, integrity, diversity and inclusion creates exceptional educational opportunities which prepare students for success in a global society.

JOB PURPOSE

The System Security Analyst is responsible for the day-to-day operations of the Information Security and access management team. This role works closely with both the Identity Management (IDM) and Operations Team Leads to support various aspects of information security functions provided for the University and within a collaborative and multifaceted team environment. This position reports to the Senior Director, Chief Information Security Officer.

ESSENTIAL FUNCTIONS

Firewall Change Requests

Analyze requested changes to existing firewall rulesets. Prove demonstrated need for rule changes and accuracy of addressed changes, obtaining proof and documentation where needed. Identify specific firewalls to be modified and creation of rule elements with least-privilege concepts in mind. Accurately create and deploy changes appropriate for each firewall device. Log and document all changes to firewall configurations and rulesets.

Access Management

Act as the first responder to Enterprise System access and de-provisioning request. Triage and address any low-level inquires related to identity and system access. Maintain documentation of the Enterprise System Access Process.

Operate University Security Tools

Configure, maintain and provide daily operations of the tools that provide information security services such as vulnerability management scanning and issuing SSL certificates. Light system management of other SaaS based tools that provide services such as 2FA, Password management and Security Training.

Triage Incoming Operations Incidents

Monitor incoming incident queue and act as first responder. Identify relevance, credibility, and criticality of reported events. Gather additional logs or information to verify incident claims. Escalate critical or important incidents to senior staff.

Address, Investigate, Document, and Resolve Low Level Security Incidents

Act as primary responder for identified low-level incidents.  Gather and analyze system logs, network captures, and external data during investigative process. Resolve and respond to incident per established procedures. Document and log all aspects of investigation.

Identify Issues and Work on Security Projects

Understand current security landscape in relation to existing Information Security Program. Identify areas of improvement where organizational risks can be minimized or existing risks can be dealt with in a more efficient manner. Work on security projects at the direction and guidance of the Information Security Officer.

Perform other related duties as assigned.

WORK CONTEXT

Job Reports to: Senior Director/Chair.

Customer Accountability: Interfaces with customers outside the S/C/D.

Freedom to Act: Subject to general input from supervisor.

MINIMUM QUALIFICATIONS

Education   

• Bachelor's degree.
• Bachelor’s degree in Computer Science, Management Information Systems, or related field, or equivalent combination of education and experience.

Experience   

• Experienced (minimum 2 years of job-related experience)
• Minimum 2 years’ experience in supporting technology, application development or security administration in an enterprise environment. 
• Experience in a broad range of technologies is preferred. 
• Experience in a higher education environment is a plus.

KNOWLEDGE, SKILLS, AND ABILITIES

• Technology Skills: Intermediate understanding of networking concepts, such as routing and TCP/IP. Intermediate understanding the Windows Operating System, preferred knowledge of Linux and Mac OS. Intermediate understanding of firewall functionality, including VPNs and encryption. Basic understanding of identity and directory services concepts such as RBAC and MFA. Basic understand of information security threats and controls for managing those threats.
• Analytical Skills: Analyzes the impact of potential actions. Demonstrates the ability to apply analytical and logical thinking to gather and analyze information. Capable of analyzing large volumes of data and summarizing results. Proposes, evaluates alternative solutions to achieve organizational goals.
• Problem Solving Skills: Identifies and resolves problems in a timely manner. Anticipates the implications and consequences of situations and takes appropriate action to be prepared for contingencies. Leads groups in problem analysis and process improvement initiatives.
• Interpersonal Skills: Relates to people in an open, friendly, and acceptable manner. Effectively balances the interests and needs of own group with the broader organization. Resolves conflicts and disagreements and builds consensus.
• Teamwork and Peer Relationships: Ability to work through and with others at all organizational levels to ensure work is completed and objectives are met. Ability to be a contributing and constructive member of University committees and task forces. Demonstrates the ability to build a collaborative or team environment within responsible or assigned areas.
• Customer Focus: Establishes and maintains effective relationships with customers and gains their trust and respect. Proactively identifies customer issues and quickly and effectively resolves customer problems. Establishes customer service standards and objectives.
• Communication Skills: Ability to provide direction and guidance in information security matters to departments across campus. Expresses oneself clearly in conversations and interactions with others. Expresses oneself clearly and concisely in writing. Concisely summarizes large or complex issues both verbally and in writing.

H25 - Computing & Info Technology

H2540 - Information Security & Access Management

• Regular Employee
• Job type: Full Time
• Job category: Staff/Administrative

• Compensation type: Annual Salary
  
• Salary minimum: $46,400
• Salary hire maximum: $70,000

Normal office environment.

• Number of openings: 1
• Reposted position: No
  

University policy requires certain persons who are offered employment to undergo a background check, including a criminal history check, before starting work. If you are offered employment, the university will inform you if a background check is required.

Wayne State University provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. The university encourages applications from women, people of color and other underrepresented people. Wayne State is an affirmative action/equal opportunity employer.